Custom Search

Wednesday, July 31, 2013

Suspected Bot List [2013-07-30]

detection period: 2013-07-30 00:00-23:59 UTC
number of suspected bots' IPs listed here: 371

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
AE83.111.92.120Arab Emirates
BG95.111.38.156Bulgaria
BR150.161.30.7Brazil
GB193.164.207.16United Kingdom
IN117.240.239.120India
IN122.183.99.146India
IN182.73.111.162India
IN202.63.105.226India
IR89.165.113.118Iran
IT193.111.46.3Italy
LB194.126.140.247Lebanon
LB212.36.193.187Lebanon
MX177.224.245.64Mexico
MX177.228.74.25Mexico
MX187.174.173.18Mexico
MX200.92.57.205Mexico
PE190.12.66.226Peru
PE190.187.168.186Peru
PE190.222.236.98Peru
PE200.31.105.172Peru
PE200.37.197.148Peru
PE200.60.71.146Peru
PK111.68.104.132Pakistan
PK124.109.47.66Pakistan
SA94.77.199.148Saudi Arabia
TR82.222.189.43Turkey
US206.81.103.58United States
US209.239.112.104United States

List from greylisting:

Botnet Statistics [2013-07-30]

detection period: 2013-07-30 00:00-23:59 UTC
total number of suspected botnet IPs: 3020
number of botnet IPs notified to network operators: 2650
number of spam blocked: 37562
recipient count of spam blocked: 1308189

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1CHINANET-JS458
2UNICOM-HN379
3CHINANET-GD306
4UNICOM-GD205
5CTTNET100
6KORNET-KR37
7CHINASKYNET34
8CHINANET-FJ34
9HINET-NET29
10SHENZHEN-CNC28

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China1785
2United States216
3South Korea71
4Brazil70
5India62
6Italy55
7Argentina46
8Russian Federation44
9Taiwan43
10Spain41

Tuesday, July 30, 2013

Suspected Bot List [2013-07-29]

detection period: 2013-07-29 00:00-23:59 UTC
number of suspected bots' IPs listed here: 337

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
AE83.111.92.120Arab Emirates
BG95.111.38.156Bulgaria
BR150.161.30.7Brazil
GB193.164.207.16United Kingdom
IN117.240.239.120India
IN122.183.99.146India
IN182.73.111.162India
IN202.63.105.226India
IR89.165.113.118Iran
IR94.183.138.253Iran
IT193.111.46.3Italy
LB194.126.140.247Lebanon
LB212.36.193.187Lebanon
MX177.224.245.64Mexico
MX187.174.173.18Mexico
PE190.12.66.226Peru
PE190.187.168.186Peru
PE190.222.236.98Peru
PE200.31.105.172Peru
PE200.37.197.148Peru
PE200.60.71.146Peru
PK111.68.104.132Pakistan
PK115.186.59.70Pakistan
PK124.109.47.66Pakistan
SA94.77.199.148Saudi Arabia
TR82.222.189.43Turkey
US206.81.103.58United States
US209.239.112.104United States

List from greylisting:

Botnet Statistics [2013-07-29]

detection period: 2013-07-29 00:00-23:59 UTC
total number of suspected botnet IPs: 4342
number of botnet IPs notified to network operators: 4007
number of spam blocked: 47257
recipient count of spam blocked: 1516561

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1CHINANET-JS703
2HINET-NET379
3CHINANET-GD273
4UNICOM-HN250
5UNICOM-GD214
6CMNET174
7CTTNET110
8UNICOM-SD80
9CRTC78
10CHINASKYNET73

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China2745
2Taiwan398
3United States369
4Brazil64
5Italy50
6India47
7Argentina43
8Colombia40
9Russian Federation39
10United Kingdom39

Monday, July 29, 2013

Suspected Bot List [2013-07-28]

detection period: 2013-07-28 00:00-23:59 UTC
number of suspected bots' IPs listed here: 156

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
AE83.111.92.120Arab Emirates
BG95.111.38.156Bulgaria
BR150.161.30.7Brazil
GB193.164.207.16United Kingdom
IN117.240.239.120India
IN122.183.99.146India
IN182.73.111.162India
IN202.63.105.226India
IR89.165.113.118Iran
IR94.183.138.253Iran
IT193.111.46.3Italy
LB194.126.140.247Lebanon
LB212.36.193.187Lebanon
MO122.100.223.108Macau
MX177.228.74.25Mexico
MX187.174.173.18Mexico
MX200.92.57.205Mexico
PE190.12.66.226Peru
PE190.187.168.186Peru
PE190.222.236.98Peru
PE200.31.105.172Peru
PE200.37.197.148Peru
PE200.60.71.146Peru
PK111.68.104.132Pakistan
PK115.186.59.70Pakistan
PK124.109.47.66Pakistan
RU109.207.93.158Russian Federation
SA94.77.199.148Saudi Arabia
TR82.222.189.43Turkey
US206.81.103.58United States
US209.239.112.104United States

List from greylisting:

Botnet Statistics [2013-07-28]

detection period: 2013-07-28 00:00-23:59 UTC
total number of suspected botnet IPs: 2638
number of botnet IPs notified to network operators: 2483
number of spam blocked: 45209
recipient count of spam blocked: 1538849

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET353
2UNICOM-GD200
3CHINANET-GD178
4UNICOM-HN149
5CTTNET89
6CMNET88
7CHINANET-JS68
8UNICOM-SD64
9CRTC51
10CHINASKYNET46

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China1647
2Taiwan370
3United States70
4Brazil49
5Russian Federation32
6Argentina32
7Spain30
8Peru28
9Iran21
10Germany20

Sunday, July 28, 2013

Suspected Bot List [2013-07-27]

detection period: 2013-07-27 00:00-23:59 UTC
number of suspected bots' IPs listed here: 198

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
AE83.111.92.120Arab Emirates
BR150.161.30.7Brazil
CN150.255.208.222China
GB193.164.207.16United Kingdom
IN59.97.157.51India
IN117.239.29.114India
IN117.240.239.120India
IN122.183.99.146India
IN202.63.105.226India
IR94.183.138.253Iran
IT193.111.46.3Italy
LB194.126.140.247Lebanon
LB212.36.193.187Lebanon
MX177.228.74.25Mexico
MX187.174.173.18Mexico
MX200.92.57.205Mexico
PE190.12.66.226Peru
PE190.187.168.186Peru
PE190.222.236.98Peru
PE200.31.105.172Peru
PE200.37.197.148Peru
PE200.60.71.146Peru
PK111.68.104.132Pakistan
PK115.186.59.70Pakistan
PK124.109.47.66Pakistan
SA94.77.199.148Saudi Arabia
TR82.222.189.43Turkey
US206.81.103.58United States
US209.239.112.104United States

List from greylisting:

Botnet Statistics [2013-07-27]

detection period: 2013-07-27 00:00-23:59 UTC
total number of suspected botnet IPs: 3870
number of botnet IPs notified to network operators: 3672
number of spam blocked: 63299
recipient count of spam blocked: 1981141

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1CHINANET-GD417
2HINET-NET322
3CMNET312
4UNICOM-HN261
5UNICOM-GD215
6CRTC188
7CTTNET141
8UNICOM-SD106
9CHINANET-JS100
10CHINASKYNET70

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China2844
2Taiwan338
3United States72
4Argentina49
5Brazil47
6Spain35
7Italy32
8Russian Federation27
9Peru27
10India27

Saturday, July 27, 2013

Suspected Bot List [2013-07-26]

detection period: 2013-07-26 00:00-23:59 UTC
number of suspected bots' IPs listed here: 281

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
AE83.111.92.120Arab Emirates
BR150.161.30.7Brazil
CN150.255.226.126China
GB193.164.207.16United Kingdom
IN117.218.129.170India
IN117.240.239.120India
IN122.183.99.146India
IN202.63.105.226India
IR89.165.113.118Iran
IT193.111.46.3Italy
LB212.36.193.187Lebanon
MX177.228.74.25Mexico
MX187.174.173.18Mexico
PE190.12.66.226Peru
PE190.187.168.186Peru
PE190.222.236.98Peru
PE200.31.105.172Peru
PE200.37.197.148Peru
PE200.60.71.146Peru
PK111.68.104.132Pakistan
PK115.186.59.70Pakistan
PK124.109.47.66Pakistan
SA94.77.199.148Saudi Arabia
TR82.222.189.43Turkey
US206.81.103.58United States

List from greylisting:

Botnet Statistics [2013-07-26]

detection period: 2013-07-26 00:00-23:59 UTC
total number of suspected botnet IPs: 2756
number of botnet IPs notified to network operators: 2475
number of spam blocked: 52902
recipient count of spam blocked: 1892146

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1CHINANET-GD404
2HINET-NET364
3UNICOM-GD153
4UNICOM-HN141
5CTTNET82
6CMNET80
7CRTC43
8CHINASKYNET42
9CHINANET-JS40
10CHINANET-FJ40

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China1421
2Taiwan392
3United States130
4Brazil63
5Peru60
6Argentina50
7Italy49
8India48
9Mexico38
10Spain38

Friday, July 26, 2013

Suspected Bot List [2013-07-25]

detection period: 2013-07-25 00:00-23:59 UTC
number of suspected bots' IPs listed here: 312

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
AE83.111.92.120Arab Emirates
BR150.161.30.7Brazil
GB193.164.207.16United Kingdom
IN117.218.129.170India
IN117.239.29.114India
IN117.240.239.120India
IN122.183.99.146India
IN202.63.105.226India
IR89.165.113.118Iran
IT193.111.46.3Italy
LB212.36.193.187Lebanon
MO122.100.162.109Macau
MX177.224.245.64Mexico
MX177.228.74.25Mexico
MX187.174.173.18Mexico
PE190.12.66.226Peru
PE190.187.168.186Peru
PE190.222.236.98Peru
PE200.31.105.172Peru
PE200.37.197.148Peru
PE200.60.71.146Peru
PK111.68.104.132Pakistan
PK115.186.59.70Pakistan
SA94.77.199.148Saudi Arabia
TR82.222.189.43Turkey
TW211.76.81.210Taiwan
US206.81.103.58United States

List from greylisting:

Botnet Statistics [2013-07-25]

detection period: 2013-07-25 00:00-23:59 UTC
total number of suspected botnet IPs: 4544
number of botnet IPs notified to network operators: 4232
number of spam blocked: 51387
recipient count of spam blocked: 1819427

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1CHINANET-JS950
2CHINANET-GD307
3HINET-NET263
4CMNET250
5UNICOM-GD182
6CRTC103
7UNICOM-SD92
8CTTNET83
9CHINANET-HN76
10UNICOM-HE66

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China3069
2United States319
3Taiwan282
4Brazil69
5Peru63
6Argentina55
7Italy53
8Colombia43
9India41
10Mexico40

Thursday, July 25, 2013

Suspected Bot List [2013-07-24]

detection period: 2013-07-24 00:00-23:59 UTC
number of suspected bots' IPs listed here: 386

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
AE83.111.92.120Arab Emirates
AL80.78.67.98Albania
BR150.161.30.7Brazil
CN112.0.4.158China
GB193.164.207.16United Kingdom
IN117.240.239.120India
IN122.183.99.146India
IN182.73.111.162India
IN202.63.105.226India
IR82.99.246.10Iran
IR89.165.113.118Iran
IR91.98.36.84Iran
IT193.111.46.3Italy
LB212.36.193.187Lebanon
MX177.224.245.64Mexico
MX177.228.74.25Mexico
MX187.174.173.18Mexico
PE190.12.66.226Peru
PE190.187.168.186Peru
PE190.222.236.98Peru
PE200.31.105.172Peru
PE200.37.197.148Peru
PE200.60.71.146Peru
PK111.68.104.132Pakistan
PK115.186.59.70Pakistan
PK124.109.47.66Pakistan
SA94.77.199.148Saudi Arabia
TR82.222.189.43Turkey
TW36.226.0.130Taiwan
TW36.226.0.183Taiwan
TW61.228.0.108Taiwan
TW61.228.0.242Taiwan
US206.81.103.58United States

List from greylisting:

Botnet Statistics [2013-07-24]

detection period: 2013-07-24 00:00-23:59 UTC
total number of suspected botnet IPs: 4196
number of botnet IPs notified to network operators: 3815
number of spam blocked: 57470
recipient count of spam blocked: 2089728

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1CHINANET-JS1096
2HINET-NET645
3UNICOM-GD181
4CHINANET-GD179
5CMNET73
6CHINASKYNET71
7UNICOM-BJ69
8CHINANET-HN44
9CHINANET-FJ42
10CTTNET40

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China2240
2Taiwan659
3United States327
4India76
5Italy68
6Brazil55
7Argentina45
8Spain44
9Colombia44
10Mexico42

Wednesday, July 24, 2013

Suspected Bot List [2013-07-23]

detection period: 2013-07-23 00:00-23:59 UTC
number of suspected bots' IPs listed here: 276

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
AE83.111.92.120Arab Emirates
AL80.78.67.98Albania
BR150.161.30.7Brazil
GB193.164.207.16United Kingdom
IN117.240.239.120India
IN182.73.111.162India
IN202.63.105.226India
IR82.99.246.10Iran
IR89.165.113.118Iran
IR91.98.36.84Iran
IT193.111.46.3Italy
MX177.224.245.64Mexico
MX177.228.74.25Mexico
MX187.174.173.18Mexico
PE190.12.66.226Peru
PE190.187.168.186Peru
PE190.222.236.98Peru
PE200.31.105.172Peru
PE200.60.71.146Peru
PK111.68.104.132Pakistan
PK115.186.59.70Pakistan
PK124.109.47.66Pakistan
SA94.77.199.148Saudi Arabia
TR82.222.189.43Turkey

List from greylisting:

Botnet Statistics [2013-07-23]

detection period: 2013-07-23 00:00-23:59 UTC
total number of suspected botnet IPs: 3499
number of botnet IPs notified to network operators: 3224
number of spam blocked: 56139
recipient count of spam blocked: 1957604

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET880
2CHINANET-JS858
3CHINANET-GD134
4UNICOM-GD92
5CTTNET86
6UNICOM-BJ38
7MSFT-EP28
8CHINASKYNET28
9UNICOM-LN27
10CHINANET-FJ24

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China1561
2Taiwan888
3United States204
4India60
5Brazil54
6Italy53
7Argentina42
8Iran40
9Peru38
10Spain37

Tuesday, July 23, 2013

Suspected Bot List [2013-07-22]

detection period: 2013-07-22 00:00-23:59 UTC
number of suspected bots' IPs listed here: 308

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
AE83.111.92.120Arab Emirates
BR150.161.30.7Brazil
CN124.42.238.0China
CO190.5.199.173Colombia
GB193.164.207.16United Kingdom
IN117.239.29.114India
IN117.240.239.120India
IN122.183.99.146India
IN202.63.105.226India
IR89.165.113.118Iran
IR91.98.36.84Iran
IT193.111.46.3Italy
MX177.228.74.25Mexico
MX187.174.173.18Mexico
PE190.12.66.226Peru
PE190.187.168.186Peru
PE190.222.236.98Peru
PE200.31.105.172Peru
PE200.37.197.148Peru
PE200.60.71.146Peru
PK115.186.59.70Pakistan
PK124.109.47.66Pakistan
SA94.77.199.148Saudi Arabia
TR82.222.189.43Turkey
TW36.226.0.48Taiwan
TW36.226.0.53Taiwan
TW36.226.0.222Taiwan
TW61.228.0.11Taiwan
TW114.45.0.190Taiwan
TW114.45.0.220Taiwan
US72.34.181.170United States

List from greylisting:

Botnet Statistics [2013-07-22]

detection period: 2013-07-22 00:00-23:59 UTC
total number of suspected botnet IPs: 3553
number of botnet IPs notified to network operators: 3252
number of spam blocked: 52519
recipient count of spam blocked: 1819050

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET671
2CHINANET-JS519
3CTTNET264
4UNICOM-GD212
5CHINANET-GD140
6CRTC87
7CHINASKYNET57
8SHENZHEN-CNC54
9MSFT-EP34
10ZTWL33

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China1630
2Taiwan676
3United States304
4Brazil65
5Italy56
6India56
7Argentina56
8Iran47
9Peru45
10Spain41

Monday, July 22, 2013

Suspected Bot List [2013-07-21]

detection period: 2013-07-21 00:00-23:59 UTC
number of suspected bots' IPs listed here: 230

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
AE83.111.92.120Arab Emirates
AL80.78.75.158Albania
BR150.161.30.7Brazil
CO190.5.199.173Colombia
GB193.164.207.16United Kingdom
IN117.240.239.120India
IN122.183.99.146India
IN182.73.111.162India
IN202.63.105.226India
IR82.99.246.10Iran
IR89.165.113.118Iran
IR91.98.36.84Iran
IR94.183.138.253Iran
IT193.111.46.3Italy
LB212.36.193.187Lebanon
MX177.228.74.25Mexico
MX187.174.173.18Mexico
PE190.12.66.226Peru
PE190.187.168.186Peru
PE190.222.236.98Peru
PE200.31.105.172Peru
PE200.37.197.148Peru
PE200.60.71.146Peru
PK111.68.104.132Pakistan
PK115.186.59.70Pakistan
PK124.109.47.66Pakistan
SA94.77.199.148Saudi Arabia
TN41.226.11.117Tunisia
TR82.222.189.43Turkey
TW36.226.0.99Taiwan
TW36.226.0.141Taiwan
TW36.226.0.235Taiwan
US23.20.0.182United States
US54.226.0.90United States
US54.226.0.146United States
US54.226.0.185United States
US54.226.0.194United States
US54.227.0.81United States
US54.227.0.83United States
US54.227.0.112United States
US54.227.0.117United States
US54.234.74.0United States
US54.242.167.0United States
US72.34.181.170United States
US184.73.51.0United States
US184.82.143.2United States
US184.82.143.3United States
US184.82.143.21United States
US184.82.143.34United States
US184.82.143.38United States
US184.82.143.70United States
US184.82.143.74United States
US184.82.143.86United States
US184.82.143.96United States
US184.82.143.115United States
US184.82.143.130United States
US184.82.143.140United States
US184.82.143.150United States
US184.82.143.175United States
US184.82.143.186United States
US184.82.187.138United States
US184.82.187.142United States
US184.82.187.145United States
US184.82.187.151United States
US184.82.187.157United States
US198.143.159.140United States
US206.81.103.58United States

List from greylisting:

Botnet Statistics [2013-07-21]

detection period: 2013-07-21 00:00-23:59 UTC
total number of suspected botnet IPs: 3771
number of botnet IPs notified to network operators: 3557
number of spam blocked: 116956
recipient count of spam blocked: 2659608

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET972
2AMAZON-2011L309
3CRTC286
4CTTNET250
5CHINANET-JS214
6UNICOM-GD203
7CHINANET-GD125
8CHINANET-HN66
9SHENZHEN-CNC56
10AMAZON-EC2-853

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China1535
2Taiwan980
3United States589
4Brazil54
5Argentina46
6Iran40
7Russian Federation36
8Colombia33
9India32
10Peru30

Sunday, July 21, 2013

Suspected Bot List [2013-07-20]

detection period: 2013-07-20 00:00-23:59 UTC
number of suspected bots' IPs listed here: 269

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
AE83.111.92.120Arab Emirates
BR150.161.30.7Brazil
CO190.5.199.173Colombia
GB193.164.207.16United Kingdom
GQ41.222.115.225Equatorial Guinea
IN117.218.129.170India
IN117.240.239.120India
IN122.180.96.110India
IN122.183.99.146India
IN182.73.111.162India
IN202.63.105.226India
IR82.99.246.10Iran
IR89.165.113.118Iran
IR91.98.36.84Iran
IR94.183.138.253Iran
IT193.111.46.3Italy
LB212.36.193.187Lebanon
MX177.228.74.25Mexico
MX187.174.173.18Mexico
PE190.12.66.226Peru
PE190.187.168.186Peru
PE190.222.236.98Peru
PE200.31.105.172Peru
PE200.37.197.148Peru
PE200.60.71.146Peru
PK111.68.104.132Pakistan
PK115.186.59.70Pakistan
PK124.109.47.66Pakistan
SA94.77.199.148Saudi Arabia
TN41.226.11.117Tunisia
TR82.222.189.43Turkey
TW36.226.0.3Taiwan
TW36.226.0.19Taiwan
TW36.226.0.22Taiwan
TW36.226.0.149Taiwan
TW36.226.0.180Taiwan
TW36.226.0.196Taiwan
TW36.226.0.198Taiwan
TW36.226.0.237Taiwan
TW114.45.0.52Taiwan
US23.20.0.182United States
US54.226.0.90United States
US54.226.46.0United States
US54.242.167.0United States
US72.34.181.170United States
US169.227.254.125United States
US184.73.0.240United States
US184.73.51.0United States
US184.82.143.2United States
US184.82.143.3United States
US184.82.143.21United States
US184.82.143.34United States
US184.82.143.38United States
US184.82.143.70United States
US184.82.143.74United States
US184.82.143.86United States
US184.82.143.96United States
US184.82.143.115United States
US184.82.143.130United States
US184.82.143.140United States
US184.82.143.150United States
US184.82.143.175United States
US184.82.143.186United States
US184.82.187.138United States
US184.82.187.142United States
US184.82.187.145United States
US184.82.187.151United States
US184.82.187.157United States
US198.143.159.140United States
US206.81.103.58United States

List from greylisting:

Botnet Statistics [2013-07-20]

The US took the number 1 position from China on July 20. 800+ bots were there, which is unusual. More specifically, no less than 500 suspected malware-infected computers were detected within Amazon's networks.

detection period: 2013-07-20 00:00-23:59 UTC
total number of suspected botnet IPs: 3290
number of botnet IPs notified to network operators: 3036
number of spam blocked: 121681
recipient count of spam blocked: 2426035

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET822
2AMAZON-2011L370
3UNICOM-GD201
4CHINANET-GD156
5AMAZON-EC2-876
6CHINASKYNET55
7SHENZHEN-CNC54
8ZTWL47
9CHINANET-HN47
10CHINANET-FJ46

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1United States868
2China847
3Taiwan829
4Brazil59
5Russian Federation48
6Iran45
7India43
8Argentina41
9Canada40
10Peru38

Saturday, July 20, 2013

Suspected Bot List [2013-07-19]

detection period: 2013-07-19 00:00-23:59 UTC
number of suspected bots' IPs listed here: 307

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
AE83.111.92.120Arab Emirates
AL80.78.75.158Albania
BR150.161.30.7Brazil
CO190.5.199.173Colombia
GB193.164.207.16United Kingdom
GQ41.222.115.225Equatorial Guinea
HN190.107.140.77Honduras
IN117.218.129.170India
IN117.240.239.120India
IN122.180.96.110India
IN122.183.99.146India
IN182.73.111.162India
IN202.63.105.226India
IR82.99.246.10Iran
IR89.165.113.118Iran
IR91.98.36.84Iran
IT193.111.46.3Italy
LB212.36.193.187Lebanon
MX177.228.74.25Mexico
PE190.12.66.226Peru
PE190.187.168.186Peru
PE190.222.236.98Peru
PE200.31.105.172Peru
PE200.37.197.148Peru
PE200.60.71.146Peru
PK111.68.104.132Pakistan
PK115.186.59.70Pakistan
PK124.109.47.66Pakistan
RU46.39.0.14Russian Federation
RU213.135.97.189Russian Federation
SA94.77.199.148Saudi Arabia
TN41.226.11.117Tunisia
TR82.222.189.43Turkey
TW36.226.0.78Taiwan
TW36.226.0.218Taiwan
TW36.226.0.222Taiwan
TW61.228.0.58Taiwan
TW114.45.0.24Taiwan
US23.20.0.182United States
US54.226.0.90United States
US54.226.0.185United States
US54.226.0.194United States
US54.227.0.83United States
US72.34.181.170United States
US75.103.105.100United States
US169.227.254.125United States
US184.82.143.2United States
US184.82.143.3United States
US184.82.143.21United States
US184.82.143.34United States
US184.82.143.38United States
US184.82.143.70United States
US184.82.143.74United States
US184.82.143.86United States
US184.82.143.96United States
US184.82.143.115United States
US184.82.143.130United States
US184.82.143.140United States
US184.82.143.150United States
US184.82.143.175United States
US184.82.143.186United States
US184.82.187.138United States
US184.82.187.142United States
US184.82.187.145United States
US184.82.187.151United States
US184.82.187.157United States
US198.143.159.140United States

List from greylisting:

Botnet Statistics [2013-07-19]

detection period: 2013-07-19 00:00-23:59 UTC
total number of suspected botnet IPs: 4072
number of botnet IPs notified to network operators: 3777
number of spam blocked: 86629
recipient count of spam blocked: 2306770

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET957
2CHINANET-JS860
3AMAZON-2011L207
4UNICOM-GD193
5CHINANET-GD118
6CTTNET78
7CHINANET-FJ61
8SHENZHEN-CNC54
9AMAZON-EC2-851
10CHINASKYNET50

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China1691
2Taiwan961
3United States589
4Brazil62
5Argentina48
6Spain47
7Italy46
8Mexico39
9Peru36
10India36

Friday, July 19, 2013

Suspected Bot List [2013-07-18]

detection period: 2013-07-18 00:00-23:59 UTC
number of suspected bots' IPs listed here: 407

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
AE83.111.92.120Arab Emirates
AL80.78.75.158Albania
BR150.161.30.7Brazil
GB193.164.207.16United Kingdom
GQ41.222.115.225Equatorial Guinea
HN190.107.140.77Honduras
IN111.93.6.198India
IN117.240.239.120India
IN122.180.96.110India
IN122.183.99.146India
IN182.73.111.162India
IR82.99.246.10Iran
IR89.165.113.118Iran
IR91.98.36.84Iran
IT193.111.46.3Italy
LB194.126.140.247Lebanon
LB212.36.193.187Lebanon
MX177.228.74.25Mexico
MX187.174.173.18Mexico
NG196.3.181.162Nigeria
PE190.12.66.226Peru
PE190.81.196.71Peru
PE190.187.168.186Peru
PE190.222.236.98Peru
PE200.31.105.172Peru
PE200.37.197.148Peru
PE200.60.71.146Peru
PK111.68.104.132Pakistan
PK115.186.59.70Pakistan
PK124.109.47.66Pakistan
RO89.120.75.51Romania
RU46.39.0.14Russian Federation
RU213.135.97.189Russian Federation
SA94.77.199.148Saudi Arabia
TR82.222.189.43Turkey
TW36.226.0.67Taiwan
TW36.226.0.189Taiwan
TW36.226.0.229Taiwan
TW61.228.0.168Taiwan
TW61.228.0.176Taiwan
US23.20.0.242United States
US50.197.38.178United States
US54.242.167.0United States
US72.34.181.170United States
US75.103.105.100United States
US169.227.254.125United States
US184.82.143.2United States
US184.82.143.3United States
US184.82.143.21United States
US184.82.143.34United States
US184.82.143.38United States
US184.82.143.70United States
US184.82.143.74United States
US184.82.143.86United States
US184.82.143.96United States
US184.82.143.115United States
US184.82.143.130United States
US184.82.143.140United States
US184.82.143.150United States
US184.82.143.175United States
US184.82.143.186United States
US184.82.187.138United States
US184.82.187.142United States
US184.82.187.145United States
US184.82.187.151United States
US184.82.187.157United States
US198.143.159.140United States
ZW41.220.28.138Zimbabwe

List from greylisting:

Botnet Statistics [2013-07-18]

detection period: 2013-07-18 00:00-23:59 UTC
total number of suspected botnet IPs: 5156
number of botnet IPs notified to network operators: 4761
number of spam blocked: 94605
recipient count of spam blocked: 2515318

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1CHINANET-JS1761
2HINET-NET963
3UNICOM-GD198
4CHINANET-GD151
5CTTNET148
6CHINASKYNET65
7SHENZHEN-CNC55
8CHINANET-FJ54
9AMAZON-2011L49
10ZTWL40

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China2780
2Taiwan973
3United States480
4Italy56
5Brazil55
6Peru52
7India52
8Colombia50
9Argentina45
10Mexico44

Thursday, July 18, 2013

Suspected Bot List [2013-07-17]

detection period: 2013-07-17 00:00-23:59 UTC
number of suspected bots' IPs listed here: 309

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
AE83.111.92.120Arab Emirates
CN124.42.214.0China
GB193.164.207.16United Kingdom
HN190.107.140.77Honduras
IN117.218.129.170India
IN117.240.239.120India
IN122.180.96.110India
IN122.183.99.146India
IN202.63.105.226India
IR89.165.113.118Iran
IR91.98.36.84Iran
IT193.111.46.3Italy
LB194.126.140.247Lebanon
LB212.36.193.187Lebanon
MX177.228.74.25Mexico
MX187.174.173.18Mexico
MX200.92.57.205Mexico
PE190.12.66.226Peru
PE190.187.168.186Peru
PE190.222.236.98Peru
PE200.31.105.172Peru
PE200.37.197.148Peru
PE200.60.71.146Peru
PK115.186.59.70Pakistan
PK124.109.47.66Pakistan
RU46.39.0.14Russian Federation
RU213.135.97.189Russian Federation
SA94.77.199.148Saudi Arabia
TR82.222.189.43Turkey
TW61.228.0.53Taiwan
TW61.228.0.75Taiwan
TW114.45.0.222Taiwan
US50.197.38.178United States
US72.34.181.170United States

List from greylisting:

Botnet Statistics [2013-07-17]

detection period: 2013-07-17 00:00-23:59 UTC
total number of suspected botnet IPs: 4919
number of botnet IPs notified to network operators: 4615
number of spam blocked: 55924
recipient count of spam blocked: 1746646

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1CHINANET-JS2293
2HINET-NET585
3UNICOM-GD115
4CTTNET115
5CHINANET-GD100
6CHINANET-FJ79
7SHENZHEN-CNC37
8MSFT-EP33
9CHINANET-HN31
10CHINASKYNET27

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China3034
2Taiwan592
3United States397
4Italy61
5Argentina61
6Brazil60
7India49
8United Kingdom44
9Spain43
10Russian Federation42

Wednesday, July 17, 2013

Suspected Bot List [2013-07-16]

detection period: 2013-07-16 00:00-23:59 UTC
number of suspected bots' IPs listed here: 294

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
AE83.111.92.120Arab Emirates
CN124.42.237.0China
CO190.5.199.173Colombia
GB193.164.207.16United Kingdom
HN190.107.140.77Honduras
IN111.93.108.194India
IN117.218.50.225India
IN117.240.239.120India
IN122.180.96.110India
IN122.183.99.146India
IN202.63.105.226India
IR85.9.75.215Iran
IR89.165.113.118Iran
IR91.98.36.84Iran
IT193.111.46.3Italy
LB194.126.140.247Lebanon
LB212.36.193.187Lebanon
MX200.92.57.205Mexico
NG196.3.181.162Nigeria
PE190.12.66.226Peru
PE190.81.196.71Peru
PE190.187.168.186Peru
PE190.222.236.98Peru
PE200.31.105.172Peru
PE200.37.197.148Peru
PE200.60.71.146Peru
PK115.186.59.70Pakistan
PK124.109.47.66Pakistan
RS178.149.182.28Serbia
RU46.39.0.14Russian Federation
RU213.135.97.189Russian Federation
SA94.77.199.148Saudi Arabia
TR82.222.189.43Turkey
TR193.255.143.62Turkey
TW36.226.0.39Taiwan
US23.20.0.182United States
US50.197.38.178United States
US54.224.0.47United States
US54.226.0.35United States
US54.226.46.0United States
US54.227.0.112United States
US72.34.181.170United States
US169.227.254.125United States

List from greylisting:

Botnet Statistics [2013-07-16]

detection period: 2013-07-16 00:00-23:59 UTC
total number of suspected botnet IPs: 4581
number of botnet IPs notified to network operators: 4295
number of spam blocked: 66683
recipient count of spam blocked: 2001770

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1CHINANET-JS1198
2HINET-NET952
3AMAZON-2011L218
4UNICOM-GD153
5CTTNET122
6CHINASKYNET71
7CHINANET-GD65
8AMAZON-EC2-863
9SHENZHEN-CNC48
10CHINANET-FJ43

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China2052
2Taiwan962
3United States645
4Brazil68
5India64
6Italy60
7Argentina49
8Russian Federation45
9Colombia41
10Mexico39

Tuesday, July 16, 2013

Suspected Bot List [2013-07-15]

detection period: 2013-07-15 00:00-23:59 UTC
number of suspected bots' IPs listed here: 331

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
AE83.111.92.120Arab Emirates
BR150.161.30.7Brazil
GB193.164.207.16United Kingdom
GR89.210.205.217Greece
HN190.107.140.77Honduras
IN111.93.6.198India
IN117.218.50.225India
IN117.218.129.170India
IN117.240.239.120India
IN122.180.96.110India
IN122.183.99.146India
IN202.63.105.226India
IR82.99.246.10Iran
IR89.165.113.118Iran
IR94.183.138.253Iran
IT193.111.46.3Italy
LB194.126.140.247Lebanon
LB212.36.193.187Lebanon
PE190.12.66.226Peru
PE190.81.196.71Peru
PE190.187.168.186Peru
PE190.222.236.98Peru
PE200.31.105.172Peru
PE200.37.197.148Peru
PK124.109.47.66Pakistan
PK203.215.162.36Pakistan
RS178.149.182.28Serbia
RU46.39.0.14Russian Federation
RU213.135.97.189Russian Federation
SA94.77.199.148Saudi Arabia
SV190.150.101.13El Salvador
TR82.222.189.43Turkey
TR193.255.143.63Turkey
US50.197.38.178United States
US54.226.46.0United States
US72.34.181.170United States

List from greylisting:

Botnet Statistics [2013-07-15]

detection period: 2013-07-15 00:00-23:59 UTC
total number of suspected botnet IPs: 2952
number of botnet IPs notified to network operators: 2623
number of spam blocked: 68513
recipient count of spam blocked: 1951540

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1CHINANET-JS312
2HINET-NET261
3AMAZON-2011L171
4UNICOM-GD135
5CTTNET118
6CHINANET-GD80
7CHINASKYNET71
8AMAZON-EC2-850
9SHENZHEN-CNC49
10CRTC46

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China1148
2United States555
3Taiwan269
4Brazil70
5Italy57
6India54
7Argentina53
8Spain51
9Colombia48
10Russian Federation44

Monday, July 15, 2013

Suspected Bot List [2013-07-14]

detection period: 2013-07-14 00:00-23:59 UTC
number of suspected bots' IPs listed here: 102

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
AE83.111.92.120Arab Emirates
BR150.161.30.7Brazil
GB193.164.207.16United Kingdom
GR89.210.205.217Greece
IN59.96.66.2India
IN111.93.6.198India
IN117.240.239.120India
IN122.180.96.110India
IN122.183.99.146India
IN202.63.105.226India
IR82.99.246.10Iran
IR89.165.113.118Iran
IR94.183.138.253Iran
IT193.111.46.3Italy
LB194.126.140.247Lebanon
LB212.36.193.188Lebanon
MX177.228.74.25Mexico
PE190.12.66.226Peru
PE190.187.168.186Peru
PE190.222.236.98Peru
PE200.31.105.172Peru
PE200.37.197.148Peru
PK111.68.104.132Pakistan
PK124.109.47.66Pakistan
PK203.215.162.36Pakistan
RS178.149.63.175Serbia
RU46.39.0.14Russian Federation
RU213.135.97.189Russian Federation
SA94.77.199.148Saudi Arabia
SV190.150.101.13El Salvador
TR82.222.189.43Turkey
TW61.228.0.184Taiwan
TW61.228.0.201Taiwan
US50.197.38.178United States
US54.226.0.79United States
US72.34.181.170United States

List from greylisting:

Botnet Statistics [2013-07-14]

detection period: 2013-07-14 00:00-23:59 UTC
total number of suspected botnet IPs: 1830
number of botnet IPs notified to network operators: 1732
number of spam blocked: 62952
recipient count of spam blocked: 1875939

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET258
2UNICOM-GD139
3CTTNET112
4CHINANET-JS90
5CHINASKYNET89
6CHINANET-GD86
7AMAZON-2011L84
8CRTC55
9CHINANET-FJ51
10SHENZHEN-CNC45

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China958
2Taiwan263
3United States189
4Brazil52
5Russian Federation40
6Iran21
7India19
8Ukraine16
9Argentina16
10Italy14

Sunday, July 14, 2013

Suspected Bot List [2013-07-13]

detection period: 2013-07-13 00:00-23:59 UTC
number of suspected bots' IPs listed here: 203

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
BR150.161.30.7Brazil
GB193.164.207.16United Kingdom
IN59.96.66.2India
IN117.240.239.120India
IN122.180.96.110India
IN122.183.99.146India
IN202.63.105.226India
IR82.99.246.10Iran
IT193.111.46.3Italy
LB212.36.193.188Lebanon
MX177.228.74.25Mexico
PE190.12.66.226Peru
PE190.187.168.186Peru
PE190.222.236.98Peru
PE200.31.105.172Peru
PE200.37.197.148Peru
PK111.68.104.132Pakistan
PK203.215.162.36Pakistan
RU213.135.97.189Russian Federation
SA94.77.199.148Saudi Arabia
TR82.222.189.43Turkey
TW61.228.0.130Taiwan

List from greylisting:

Botnet Statistics [2013-07-13]

detection period: 2013-07-13 00:00-23:59 UTC
total number of suspected botnet IPs: 1674
number of botnet IPs notified to network operators: 1472
number of spam blocked: 43239
recipient count of spam blocked: 979876

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET310
2UNICOM-GD97
3CHINANET-GD91
4CTTNET78
5CHINASKYNET60
6CHINANET-FJ47
7SHENZHEN-CNC40
8CHINANET-SH25
9MSFT-EP21
10UNICOM-LN16

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China634
2Taiwan316
3United States109
4Brazil47
5Italy37
6Peru34
7India34
8Russian Federation33
9Spain33
10Argentina32

Saturday, July 13, 2013

Suspected Bot List [2013-07-12]

detection period: 2013-07-12 00:00-23:59 UTC
number of suspected bots' IPs listed here: 395

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
AE83.111.92.120Arab Emirates
AL80.78.75.158Albania
BR150.161.30.7Brazil
GB193.164.207.16United Kingdom
GQ41.222.115.225Equatorial Guinea
GR89.210.205.217Greece
HN190.107.140.77Honduras
IN117.240.239.120India
IN122.180.96.110India
IN122.183.99.146India
IN182.73.111.162India
IN202.63.105.226India
IR82.99.246.10Iran
IR89.165.113.118Iran
IR91.98.36.84Iran
IR94.183.138.253Iran
IT193.111.46.3Italy
LB194.126.140.247Lebanon
LB212.36.193.188Lebanon
MX177.228.74.25Mexico
PE190.12.66.226Peru
PE190.187.168.186Peru
PE190.222.236.98Peru
PE200.31.105.172Peru
PE200.37.197.148Peru
PE200.60.71.146Peru
PK111.68.104.132Pakistan
PK115.186.59.70Pakistan
PK124.109.47.66Pakistan
RU213.135.97.189Russian Federation
SA94.77.199.148Saudi Arabia
SV190.150.101.13El Salvador
TR82.222.189.43Turkey
TW36.226.0.241Taiwan
TW61.228.0.45Taiwan
US50.197.38.178United States
US72.34.181.170United States
US169.227.254.125United States
US209.239.112.104United States

List from greylisting:

Botnet Statistics [2013-07-12]

detection period: 2013-07-12 00:00-23:59 UTC
total number of suspected botnet IPs: 3547
number of botnet IPs notified to network operators: 3154
number of spam blocked: 104557
recipient count of spam blocked: 2936147

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1CHINANET-JS1122
2HINET-NET511
3CTTNET128
4CHINANET-GD103
5CHINANET-FJ48
6UNICOM-GD43
7CHINANET-HN38
8MSFT-EP29
9CHINANET-SH25
10PE-TPSA-LACNIC24

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China1765
2Taiwan523
3United States260
4Brazil63
5Italy58
6Peru55
7Argentina53
8Russian Federation48
9Spain47
10India45

Friday, July 12, 2013

Suspected Bots' IP List for July 2013

To encourage cyber security information sharing (as some form of open data) while still giving victims enough time to clean up their computers, the IP list of suspected infected computers will be released here (as shown below) 10 days after its respective botnet statistics gets published.

You are free to use them to create more effective defenses, discover latest trends in cyber attacks, etc.

Suspected Bots IP [2013-07-01]
Suspected Bots IP [2013-07-02]
Suspected Bots IP [2013-07-03]
Suspected Bots IP [2013-07-04]
Suspected Bots IP [2013-07-05]
Suspected Bots IP [2013-07-06]
Suspected Bots IP [2013-07-07]
Suspected Bots IP [2013-07-08]
Suspected Bots IP [2013-07-09]
Suspected Bots IP [2013-07-10]
Suspected Bots IP [2013-07-11]
Suspected Bots IP [2013-07-12]
Suspected Bots IP [2013-07-13]
Suspected Bots IP [2013-07-14]
Suspected Bots IP [2013-07-15]
Suspected Bots IP [2013-07-16]
Suspected Bots IP [2013-07-17]
Suspected Bots IP [2013-07-18]
Suspected Bots IP [2013-07-19]
Suspected Bots IP [2013-07-20]
Suspected Bots IP [2013-07-21]
Suspected Bots IP [2013-07-22]
Suspected Bots IP [2013-07-23]
Suspected Bots IP [2013-07-24]
Suspected Bots IP [2013-07-25]
Suspected Bots IP [2013-07-26]
Suspected Bots IP [2013-07-27]
Suspected Bots IP [2013-07-28]
Suspected Bots IP [2013-07-29]
Suspected Bots IP [2013-07-30]
Suspected Bots IP [2013-07-31]